. 69 stand rejected, and claims 38, 39, 70 and 71 are objected to. Applicants thank the Examiner for 
the indication of allowable subject matter in claims 38, 39, 70, and 71. 

Submitted concurrently herewith are formal drawings in substitution for the informal 
drawings submitted with the application as filed. Applicants respectfully request that the official 
draftsman reviews the formal drawings at his earliest convenience. 

Second Preliminary Amendment and IDS 

A Second Preliminary Amendment adding claims 82-91 was submitted on February 22, 2002, 
but this amendment was not reflected in the Office Action mailed on March 13, 2002. Applicants 
respectfully request that the Second Preliminary Amendment be entered as of the date of its receipt 
by the Office, and that the claims submitted in the Second Preliminary Amendment be considered 
simultaneously with the requested reconsideration of the pending claims. 

A Supplemental Information Disclosure Statement was also submitted February 22, 2002, but 
was not reflected in the Office Action mailed on March 13, 2002. Applicants respectfully request 
that the references cited in the Supplemental Information Disclosure Statement be considered and 
acknowledged at the Examiner's earliest convenience. 

On the Merits 

The Office Action restricted newly added claims 72-81 (group IV) as being drawn to an 
independent or distinct invention from the originally claimed invention in claims 28-39 and 67-71 
(group II), and constructively elected group II for prosecution on the merits. By the present 
amendment, Applicants cancel claims 72-81. 
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The Office Action rejected claims 28-37 and 67-69 under 35 U.S.C. § 103(a) as being 
unpatentable over Boden et al. (U.S. Pat. No. 6,330,562, hereinafter "Boden") in view of Risley et al, 
(U.S. Pat. No. 6,332,158, hereinafter "Risley"). Applicants respectfully traverse this rejection based 
on the following arguments. 

In order to reject a claim as obvious under § 103(a), three criteria must exist: 1) there must be 
some suggestion or motivation, either in the references themselves or in the knowledge generally 
available to one of ordinary skill in the art, to modify the reference or to combined reference 
teachings; 2) there must be a reasonable expectation of success; and 3) the prior art reference(s) must 
teach or suggest all the claim limitations. See MPEP § 706.02 (j); In re Vaeck, 947 F.2d 488 (Fed. 
Cir. 1991). 

First, Applicants submit that there is no motivation or suggestion to combine the Boden and 
Risley references. Boden discloses a data model for abstracting customer-defined VPN security 
policy information (Boden, Abstract). The system in Boden addresses the need to enable connection 
filter rules to be generated and loaded dynamically at negotiation time, due to remote initiating hosts 
having dynamically assigned IP addresses, Boden, col. 2, lines 38-41 (emphasis added). As cited in 
the Office Action, Boden allows for "dynamically establishing VPN connections with different 
security policies and other attributes, based solely on an unfixed IP address (e.g. [sic] a user ID), ..." 
Boden, col. 3, lines 14-16 (emphasis added). Boden does not disclose establishing a VPN based on 
a DNS request for an IP address. 

Risley discloses a DNS lookup system that allows intelligent correction of domain name 
searches by providing alternative suggestions of possible intended domain names when a DNS 
lookup was unsuccessful. Risley, Abstract. That is, when a user submits a domain name query, if 
the domain name exists, the domain name server (DNS) provides the corresponding machine address 
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back to the user, as is known in the art. However, if the domain name does not exist, the Risley 

domain name server returns a machine address for a machine that will help the user identify the 

desired domain name. Subsequently, the machine to which the user has been redirected suggests 

possible intended domain names based on heuristics such as common misspellings, phonetic errors, 

and the like. Risley, Abstract. Risley does not teach or suggest establishing a VPN based on a DNS 

■ . l 

request, nor establishing any sort of secure communications channel ove r ^network. ^ 

The Office Action states that establishing a secure connection between computers with the 
use of VPN would have been a desired feature in the art as suggested by Boden at col. 1 , lines 41-55. 
However, Boden at col. 1 , lines 41-55, discusses a general need for computer security, not a specific 
suggestion to incorporate the VPN techniques disclosed in Boden, or any other security technique, 
with a DNS lookup assistant as disclosed by Risley. In addition, there are many ways in which to 
create a VPN, and Boden at best only discloses a single specific security solution that may be used to 
establish a VPN. Boden does not include any suggestion or motivation to alter a DNS request 
scheme to create a VPN (in fact, there is only one instance of the acronym DNS in the entire Boden 
specification, col. 10, line 3, and no instances of the phrase "domain name service")- Indeed, Boden 
specifically states that "no verification is made via DNS or similar that [the mapping of ID to IP 
address] is correct." Id. 

The Office Action also states that "the system that made it easier to remember, access, and 
convey the location information in order to access information would have been also a desired 
feature in the art as suggested by [Risley col. 1 , lines 46-52]." However, Risley at col. 1, lines 46-52, 
discusses the general notion that users prefer using domain names (e.g., coolsite.com) rather than IP 
addresses (e.g., 199.227.249.232) when remembering, accessing, and conveying information. Risley 
does not provide a specific suggestion that its DNS service would benefit from the use of a VPN (or 
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any other type of security). Risley only discloses that users prefer to use domain names over IP 
addresses when remembering, accessing, and conveying information, and provides a system for 
helping a user identify an intended domain name. 

The Office Action concludes that it would have been obvious to combine the references in 
order to have "an easier to use and secure network connection because the teachings of these two 
references are complemented each other for easier to use and for securing network connection in a 
computer network." While two patents may ostensibly complement each other, this does not provide 
the necessary suggestion to combine the two references. In light of the fact that neither reference 
includes a specific suggestion to combine the references, the mere fact that two references are 
complementary does not provide the required suggestion or motivation. Risley does not teach or 



suggest establishing a VPN using its domain name resolution technique, nor does Boden teach using 




domain name resolution to establish a VPN. 

To allow the combination of Boden and Risley would allow the hindsight combination of 
almost any two references as long as they had something in common, e.g., they both relate to the 
Internet. The Federal Circuit has repeatedly stated that the limitations of a claim in a pending 
application cannot be used as a blueprint to piece together prior art in hindsight, In re Dembiczak, 50 
U.S.P.Q.2d 1614 (Fed. Cir. 1999), and that the Patent Office should rigorously apply the requirement 
that a teaching or motivation to combine prior art references needs to be provided. Id, (emphasis 
added). Thus, Applicants respectfully submit that that there is no motivation or suggestion to 
combine Risley, which discloses a modified DNS lookup system, with Boden, which discloses a 
specific VPN technique. 
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Second, even if the Boden and Risley references were combined, the combination would not 
teach or suggest all the limitations of any pending claim. The Office Action uses claim 37 as an 
exemplary claim, which requires: 

a DNS proxy server that receives a request from the client computer to look 
up an IP address for a domain name, wherein the DNS proxy server returns the IP 
address for the requested domain name if it is determined that access to a non-secure 
web site has been requested, and wherein the DNS proxy server generates a request to 
create the VPN between the client computer and the secure target computer if it is 
determined that access to a secure web site has been requested; and 

a gatekeeper computer that allocates resources for the VPN between the client 
computer and the secure web computer in response to the request by the DNS proxy 
server. 

At a minimum, neither Boden nor Risley discloses a DNS proxy server that "generates a 
request to create the VPN between the client computer and the secure target computer if it is 
determined that access to a secure web site has been requested. . . " Neither Risley nor Boden teach or 
suggest triggering the creation of a VPN in response to a DNS request. Instead, Risley discloses a 
modified DNS lookup, whereby when a DNS request is received that is unsuccessful, Risley 
redirects the requestor to a domain name resolver to assist the user with locating an intended domain 
name. Risley does not disclose generating a request to create a V PN, as is required- bv claim 37, nor 
does Risley determine whether access to a secure web site has been requested. Likewise, Boden does 
not disclose these limitation, as is admitted in the Office Action at page 5, para. 11. 

In addition, the Office Action does not indicate that either Boden or Risley includes a 
gatekeeper computer as is required by claim 37. 

Based at least on the above arguments, Applicants respectfully traverse the rejection of claim 
37 and its dependent claims. 

The Office Action also rejected claims 28-36 and 67-69 for the same reasons set forth with 
respect to claim 37 because the claims are similar in scope. Applicants submit that each claim 
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presents an individually patentable scope, and that these claims are allowable for at least the same 
reasons as claim 37. 

In addition, with respect to claim 31, none of the cited references teach or suggest, upon 
determining that a client computer is not authorized to establish a VPN with a secure web site, 
returning an error from the DNS request. 

With respect to claim 32, none of the cited references teach or suggest, upon determining that 
a client computer is not authorized to resolve addresses of non-secure target computers, returning an 
error from the DNS request. 

With respect to claim 33, none of the cited references teach or suggest establishing the VPN 
by creating an IP address hopping scheme between the client computer and the target computer, 
(see, e.g., allowable subject matter in claim 38). 

With respect to claim 34, none of the cited references teach or suggest using a gatekeeper 
computer that allocates VPN resources for communicating between the client computer and the 
target computer. 

With respect to claim 35, none of the cited references teach or suggest that step (2) is 
performed in a DNS proxy server that passes through the request to a DNS server if it is determined 
in step (3) that access is not being requested to a secure target web site. 

With respect to claim 68, none of the cited references teach or suggest communicating 
according to a scheme by which at least one field in a series of data packets is periodically changed 
according to a known sequence. 

With respect to claim 69, none of the cited references teach or suggest comparing an Internet 
Protocol (IP) address in a header of each data packet to a table of valid IP addresses maintained in a 
table in the second computer. 
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Based on the aforementioned Applicants respectfully submit that all pending claims are in 
condition for allowance, and Applicants request that the subject application be reconsidered and 
passed to issue at the Examiner's earliest possible convenience. 

If the Examiner has any questions or wishes to discuss this amendment, the Examiner is 
invited to telephone the undersigned representative at the number set forth below. 



Respectfully submitted, 



BANNER & WITCOFF, LTD. 





Bradley C. Wright 
Registration No. 38,061 
1001 GStreetN.W., 11 th Floor 
Washington, D.C. 20001 
(202) 508-9100 



Reg. No. 49,024 
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